Monday, June 06, 2016

I'm joining the fight against malware and ransomware with SentinelOne

Todayis a bigday forme. I’m contributing to a company called SentinelOne, but I really don’t think of it as a job. I’ve accepted an opportunity to work side by side with other brilliant and highly motivated people where we’re all helping to solve important and challenging InfoSec problems. In this case, malware and ransomware. You see, more than anything, I want to make a positive impact on InfoSec. As I’ve said many times, we who work InfoSec are responsible for protecting the greatest invention we’ll see if our lifetime — the Web, the Internet, and the billions of people using it every day. That’s our mission, our calling. As such, I’ve always kept a evolving list of our industries biggest challenges, which I include in most of my slide decks.

Intersection of security guarantees and cyber-insurance

Explosion of Ransomware

Vulnerability remediation

Industry skill shortage

Measuring the impact of SDLC security controls

The only problem on the list I haven’t gotten the chance to work on is ransomware, an incredibly effective and fast-growing form of malware that’s taking over. I’ve long railed hard about the crap antivirus products on the market and the billions of dollars people and companies spend annually to effectively make themselves less secure. Yes, that’s right, I said LESS secure. The FBI recently published that ransomware victims paid out $209 million in Q1 2016 compared to $24 million for ALL of 2015. Some non-trivial percentage of those ransom dollars will be used for R&D, so the smart money says ransomware will quickly get even more sophisticated and out of hand. And to that point, in recent and well publicized news, ransomware is also responsible for disrupting the care of patients in a few hospitals. This can’t be allowed — lives are at risk!

In my life after WhiteHat, I looked at ton of companies and interesting opportunities where I could lend a helping hand, of which there was no shortage. My inbox was crushed with many worthy projects, but I knew I had to choose wisely. Then out pops a company with some super cool tech and few have heard of them, SentinelOne. SentinelOne is right smack in the middle of the malware/ransomware war, for which Gartner calls next-generation endpoint protection (NG EPP). I met with the founders, the team, all super cool and passionate people. A real gem of a start-up. I felt strongly that I needed to join this fight. Plus, I’ll be working on some exciting stuff behind that scenes that I can’t wait to share with world. Good things take time, so please, standby!

About Me

Jeremiah Grossman's career spans nearly 20 years and has lived a literal lifetime in computer security to become one of the industry's biggest names. He has received a number of industry awards, been publicly thanked by Microsoft, Mozilla, Google, Facebook, and many others for his security research. Jeremiah has written hundreds of articles and white papers. As an industry veteran, he has been featured in hundreds of media outlets around the world. Jeremiah has been a guest speaker on six continents at hundreds of events including many top universities. All of this was after Jeremiah served as an information security officer at Yahoo!